Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,081
    I have between various machines, but WD wont scan the network, disabled or never enabled. Makes no sense here because WD is already working in the other machines, why should i scan twice? I know about slowdowns with network attached drives in special on windows startup.
    I do not use a network drive which is ofc another use case.
    And this lag is caused by WD and not the thumb preview? Or search catalog?
     
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,754
    Location:
    USA
    Because it does. Why scan every time you open a folder? Every day forever. This is one of my 2 biggest complaints. If they would do like some other AV products and not repeatedly scan the same files every time and not treat new files like a disease I would probably use it. Without complaint.
     
  3. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,045
    Location:
    Dubai
    that's the biggest flaw and cause of slowdown with WD! It is so dumb that it would keep scanning the same files over and over again, not only upon access of that individual file but upon opening the folder which contains that file along with all the files with it. So sad that Microsoft's own Antivirus which should logically be the best and lightest is the worst when it comes to performance. By the way, this stupid scanning has been the biggest performance issue since the days of MSE (Microsoft Security Essentials)
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,777
    Location:
    U.S.A. (South)
    My gosh very valid point on the rescan loop of the same files. I sort of thought that the scan of hashes would be a satisfactory enough safety match where unless the previously scanned file was modified or attributes changed, would relieve the program's burden of overtaxing itself and the machine that it's in (as well as the end user's patience)

    And let's face it, and for another rubs sakes, who specifically names their program with "security intelligence version" but is yet to tune it to avoid constant redundancy. But as no expert in those matters it does make sense that it doesn't make sense to keep scanning the same files. Of course it could always have missed something.
     
  5. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,754
    Location:
    USA
    I've seen it re scan the same 4 GB ISO file on a laptop repeatedly every day until I tracked down what it was doing and deleted the file. It was a Windows 10 ISO file. They don't even exclude their own files.
     
  6. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,045
    Location:
    Dubai
    #facepalm
    I wonder what does this AV compares against if it doesn't check the digital file hashes of their own files. :rolleyes:

    And for everyone else here that is saying that there is a problem with my so-called fast laptop because they don't see a slow-down on their machine, then why is it that when I install Panda Free, Bitdefender, ESET, MBAM, F-Secure, Norton, etc. (yes I have a license for every AV out there) I don't see any slowdown and even those folders that contain hundreds of custom folder icons load instantly? :rolleyes:
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,081
    Defender has IMO a memory, your description is not reproducible me
    ofc other antivirus scan same folder every time its opened. But they do this differently as defender i suppose. I have heard about internal hashes to be compared, if hash changed the file is scanned again. And thats what i have for Defender in mind. After a complete scan WD marks unchanged files as secure.
     
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,754
    Location:
    USA
    Let me first say I am not trying to be argumentative, just sharing my experience. When I get to work each morning there are network folders I open on my company desktop PC to copy files into from the overnight backups from a website we own. Every morning File Explorer freezes for probably what is about 30 seconds. This situation is consistent and does not improve over time. On my laptop I have a product that starts with a "K". :isay: This product introduces no lag when I open the same folders. They open immediately. I assume it also may be scanning them but sees mostly the same files and freezes nothing. As this same product scans my external drive every time I plug it in to run my Macrium backup it alerts me to the fact it is scanning the drive but it is done in about 2 seconds. When WD can match this I will switch because everyone likes free.
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,443
    Location:
    Slovenia
    I don't know about complete scan marking files as secure but real time protection doesn't do it. Real-time protection re-scans every file (changed or unchanged) every time files are accessed. Working with executables shows this fact every time to me and it's easily reproducible.
     
  10. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,045
    Location:
    Dubai
    Then try Panda, you will be blown away! See: https://www.av-comparatives.org/comparison/?usertype=consumer&chart_chart=chart7&chart_year=2018&chart_month=Feb-Oct&chart_sort=1&chart_zoom=0
     
  11. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,072
    While it is extremely light, it provides very poor protection.
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,443
    Location:
    Slovenia
    Yes, and prone to false positives.
     
  13. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,045
    Location:
    Dubai
    How is that? It got 99.7% here: https://www.av-comparatives.org/comparison/?usertype=consumer&chart_chart=chart2&chart_year=2021&chart_month=Feb-Mar&chart_sort=1&chart_zoom=2
    Never gotten a single FP with it personally, been using it for a long while now.
     
  14. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    945
    Location:
    Canada
    Yah, I seem to recall that Panda scored poorly in false positives and especially in protection. Don't ask me for specific examples but I seem to vaguely remember it not doing well in a lot of tests lately.
     
  15. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,072
    They are usually fairly slow to add signatures for new malware. In addition to this, its behavioural protection is terrible. Tests, like the one linked, show that it does well at detecting malware that isn't newly discovered. When tested against zero-day malware (which it often won't yet have signatures for), for example at the Malware Hub at MalwareTips, it performs poorly.
    https://malwaretips.com/threads/panda-dome-advanced-february-2021-report.106569/

    I used Panda for quite some time. It only had minor issues with false positives, which is good, and was extremely light. However, I ditched it due to its poor detection rate.
     
  16. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,443
    Location:
    Slovenia
    I get it almost every time I update my software. So far it has blocked Notepad++, Macrium Reflect and some other's updates for me. It specially annoying when it blocks something in the middle of installation and you don't know how installation process would continue.
    Each time I have to contact our admin to put me on white-list to update software.
    FP gets sorted out eventually but it's PITA if you are among first to try to update and you get blocked because they don't have installer whitelisted.
     
  17. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,045
    Location:
    Dubai
    Ok that's not good then. Thanks for the tip. I might go back to my trusty F-Secure AV then the next time I format.

    @roger_m Thanks for that info as well, I never thought of that.
     
  18. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    17,712
    Location:
    UK
    Let's get back to discussing Defender now which is what this thread is about.

    Thanks.
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,777
    Location:
    U.S.A. (South)
    I will say that the "controlled folder access" in it seems ok. As mentioned I also have WiseVector StopX running resident in the background with all settings ON and up. Heuristics HIGH. WVSX is caught some of my SAFE old apps and it's easy enough to EXCLUDE. Same for MD. It alerts for your actions where to "Allow On Device" when you know 100% its a safe inert file. I use customizations apps from 8.1 even on 10 such as Madodate and WinFlip to do some convenient if not fancy pants screen scrolling of open windows via mouse roll button. Desk Hedron as well. Some of Windows 98 of all things virtual desktop box rotator (and others) when first introduced was simple enough to EXCLUDE in Defender as well.

    However I combed Ten Forums and everywhere else on Google for a way to CLEAR the Protection History and all 3 of the common tweaks still does not clear the HISTORY of "controlled folder access" on this Windows 10. Its not hurting anything just letting the list grow I suppose but it would be a useful option if Microsoft Defender had a simple Clear Protection History for that visual display log too.

    Perhaps they will enhance it even more but as it's already built-in as long as it doesn't take it on the chin you can live with that so long as the performance is stable.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Yes I have the same expercience. If I disable WD I don't see any improvement in speed. But from what I understood, most AV's nowadays don't give any big problems when it comes to slowing down the system. But I'm not a fanboy, I think WD should improve the GUI to look more like a regular AV and it should give options for power users. Plus they should fix the problem with scanning files over and over again.

    Yes exactly. BTW a general question to all, is it true that if you download signatures it might be about 100MB big? Or perhaps it's the engine that's being upgraded too? Also, it seems that if you enable "cloud protection" it will detect more things, it detected SpyShelter's Security Test Tool, which is of course a false positive. But it makes me wonder if you then even need to update the signature database in the first place.
     
  21. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,081
    No bug, its a feature. :D Any current antivirus will (should) find such test tools because the code is intrusive, otherwise it makes no sense to call it "test tool".
     
  22. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    128
    Location:
    Finland
    Just my opinion about MD, one of the reason i won't use it, because some malwares especially targets it(disabling/abusing).
     
  23. DeRodeKater

    DeRodeKater Registered Member

    Joined:
    Sep 21, 2011
    Posts:
    28
    That also happens with other AVs. Recent MD versions cannot be easily disabled anymore.
     
  24. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,141
    Location:
    Las Vegas
    Cannot be disabled-if at all. I would rather have an AV that is "built-in" than other AVs three of which damaged Win10 files on my main machine in one way or the other.

    You would do best to use the command: sfc /scannow after you un-install any AV other than Windows Defender. You might be surprised to see what some of the AVs have done to your files. I am losing confidence in third party AV solutions.
     
  25. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    128
    Location:
    Finland
    If im were a hacker, sure my target is to kill MD and its parent proseses. Tried several AV solutions, tried to kill all the way. Dr Web is one of the best kernel based protection scheme i've ever seen.
    It's just an art how it hanles live prosesses. It does it way better then Kaspersky. Sure it does not care all the ****, but its memory analysin method is one of its kind. Very advanced tech.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.